7 Security Holes Addressed with Release of Chrome 23.0.1271.91

Users are advised to update their installations to the latest version

Google addresses vulnerabilities in Chrome

The stable channel of Chrome has been updated to 23.0.1271.91. Besides fixing flash audio problems and Windows Server 2003 issues, Google also addressed a total of 7 security holes, some of which could have been exploited by cybercriminals to execute arbitrary code.

Justin Drake has identified a high-impact issue caused by corrupt rendering in the Apple OSX driver for Intel GPUs. For his findings, the search giant rewarded him with $1,000 (800 EUR).

Other high-impact vulnerabilities, discovered by miaubiz and Jüri Aedla of the Google Chrome Security Team, were caused by a use-after-free bug in SVG filters and a buffer underflow in libxml.

Atte Kettunen of OUSPG was rewarded with $500 (400 EUR) for finding an out-of-bounds read in Skia.

Two additional medium-severity vulnerabilities have been identified by members of the Google Chrome Security Team. Attila Szász has been credited for locating a low-impact flaw.

Users are advised to install the latest version to protect themselves against cybercriminal operations that might leverage these vulnerabilities.